Ssh server configuration examples, Network requirements, Configuration procedure – H3C Technologies H3C S5120 Series Switches User Manual
Page 490
1-12
For information about the display public-key local and display public-key peer commands, refer to
Public Key Commands.
SSH Server Configuration Examples
When Switch Acts as Server for Password Authentication
Network requirements
z
As shown in
, a local SSH connection is established between the host (the SSH client)
and the switch (the SSH server) for secure data exchange.
z
Password authentication is required. The username and password are saved on the switch.
Figure 1-1 Switch acts as server for password authentication
SSH client
SSH server
Host
Switch
192.168.0.2/24
Vlan-int1
192.168.0.1/24
Configuration procedure
1) Configure the SSH server
# Generate RSA and DSA key pairs and enable the SSH server.
<Switch> system-view
[Switch] public-key local create rsa
[Switch] public-key local create dsa
[Switch] ssh server enable
# Configure an IP address for VLAN interface 1. This address will serve as the destination of the SSH
connection.
[Switch] interface vlan-interface 1
[Switch-Vlan-interface1] ip address 192.168.1.40 255.255.255.0
[Switch-Vlan-interface1] quit
# Set the authentication mode for the user interfaces to AAA.
[Switch] user-interface vty 0 4
[Switch-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[Switch-ui-vty0-4] protocol inbound ssh
[Switch-ui-vty0-4] quit
# Create local user client001, and set the user command privilege level to 3
[Switch] local-user client001